Last month, GDPR, or the General Data Protection Regulation in the European Union, celebrated its first anniversary. So how are we doing one year later? There are many outcomes that can be attributed to the regulation, some that have improved privacy and some that haven’t had much of an effect. Let’s take a look at some of the developments and highlights of the past year and their impact on privacy:

When it comes to privacy, it’s typically the consumer who’s held responsible for maintaining their own privacy, not the company (take Facebook, for example). But the introduction of facial recognition into our lives could change that dynamic. Consumers’ haven’t been blindly accepting it into their lives but questioning it—and questioning it hard. The result? Companies are being pushed to take responsibility for consumers’ privacy. Which is a good thing for consumers andcompanies—it creates an opportunity for companies to foster trust with consumers and strengthen their relationships with the public at large.